Commit Graph

35981 Commits

Author SHA1 Message Date
space-r7 50301f9045 rubocop changes 2021-09-15 10:30:07 -05:00
space-r7 1dedffded1 use array for user names, skip empty user names 2021-09-15 09:29:40 -05:00
Spencer McIntyre fb74888a31 Correct the CVE reference 2021-09-15 08:42:55 -04:00
Robin fcf48c5817 Fixing a problem where the module reported failure but actually succeeded 2021-09-15 10:59:03 +01:00
Spencer McIntyre 1bd3a764a6 Fixup issues from testing 2021-09-14 16:32:25 -04:00
Spencer McIntyre 480dec9a1e Land #15658, Add module for CVE-2021-32682 2021-09-14 14:09:27 -04:00
space-r7 278807be98 check contents of json after attempted upload 2021-09-14 11:36:28 -05:00
Grant Willcox cec3a4bc46 Land #15601, Add Geutebruck Post Exploitation Module 2021-09-14 10:03:21 -05:00
Spencer McIntyre d82ed7d4a2 Write up the module docs 2021-09-14 09:10:44 -04:00
Spencer McIntyre 3986707895 Add and test the remaining targets 2021-09-14 09:10:44 -04:00
Spencer McIntyre d640866b68 Apply rubocop changes and fix all targets 2021-09-14 09:10:44 -04:00
Spencer McIntyre d4834631c3 Add the generated YSoSerial gadget chain 2021-09-14 09:10:44 -04:00
Spencer McIntyre 02fde3ac51 Initial work on CVE-2021-3287 2021-09-14 09:10:44 -04:00
adfoster-r7 1499b1988e Land #15609, Add Meterpreter compatibility commands 2021-09-13 15:21:03 +01:00
kensh1ro c1868d94cd add base64 encoding to shellcode 2021-09-12 17:00:24 +03:00
kensh1ro 4454a7600a add minor fixes to module code 2021-09-10 22:56:04 +03:00
adfoster-r7 46718e3390 Run Rubocop layout rules on modules 2021-09-10 12:53:39 +01:00
Hynek Petrak eaed5d30c7 Allow authenticated user creation 2021-09-10 12:42:20 +02:00
Ashley Donaldson 0927737948 Adapted WinRM module logging to MSF logging
Separated WinRM module into separate files
2021-09-10 15:54:50 +10:00
space-r7 91ae50eb27 escapeshellcmd -> escapeshellarg 2021-09-09 17:28:05 -05:00
Ashley Donaldson b0e1502c86 Implemented suggestions from code review
- Use a literal hash
- Comment meaning of NTLM transforms
- store loot with data ready to go, to keep database in sync with file
2021-09-10 08:25:25 +10:00
space-r7 0095613a94 add completed module and documentation 2021-09-09 16:58:40 -05:00
Grant Willcox 7d3d57817f Add in final changes so that we verify what we insert into the database more and only insert valid formats of data, and then also update the documentation accordingly 2021-09-08 17:27:53 -05:00
Grant Willcox 8057b63329 Add in documentation for various scenarios, fix up another database error, and also improve error handling of invalid responses from the server 2021-09-08 17:27:51 -05:00
Grant Willcox d813e82fa3 Fix up saving data to the database so we have all the necessary info, fix web search to save all IPs discovered and fix up a connection issue encountered during testing 2021-09-08 17:27:49 -05:00
Yvain Douard 3ba0d5e3be facets outfile 2021-09-08 17:27:48 -05:00
Grant Willcox e1cfc8d956 Bring documentation in line with standards and also update the module to fix a bug and to make it more conformant 2021-09-08 17:27:46 -05:00
Owein 9de8ad8108 with web search and possible lists of results: do not use newline to list it but pass the list as is to the table 2021-09-08 17:27:43 -05:00
Owein 8ab247066c facets will work, a little listing of options' values in the readme won't hurt. 2021-09-08 17:27:41 -05:00
Owein 1686e98d6e was missing the function for writing to a file.
rid of a loop that we didn't want.
2021-09-08 17:27:40 -05:00
Owein d49405df34 zoomeye more comprehensive output 2021-09-08 17:27:38 -05:00
adfoster-r7 059e39a6f0 Specify meterpreter compatibility command requirements 2021-09-08 22:59:25 +01:00
Jack Heysel 77e8de5881 Land #15645, Add Confluence OGNL exploit module.
Merge branch 'land-15645' into upstream-master
2021-09-08 16:51:06 -04:00
Spencer McIntyre 3443345417 Land #15655, Cleanup rbmysql options 2021-09-08 13:44:53 -04:00
adfoster-r7 f1ec12cb7e Cleanup rbmysql options 2021-09-08 15:51:21 +01:00
William Vu 8c4e5d262c Add Atlassian Confluence CVE-2021-26084 exploit 2021-09-08 06:57:31 -05:00
Ashley Donaldson 3acddf75b4 Suggested changes from code review
* Report socket info
* Use existing Event class
* Remove debugging prints
* Comment obscure constant
2021-09-08 07:36:59 +10:00
bwatters cfc3930405 Land #15634, Add DFLAG_BIG_CREATION to capability flags for erlang_cookie_rce.rb
Merge branch 'land-15634' into upstream-master
2021-09-07 14:00:49 -05:00
Jack Heysel e30ccafd86 Refactor lfs.rb, revert rubocop changes on library files 2021-09-07 13:43:10 -04:00
bwatters a7d99ebbfc Land #15611, ProxyShell Improvements
Merge branch 'land-15611' into upstream-master
2021-09-07 11:47:13 -05:00
h00die 3c82f43644 only scan exploitable wordpress things 2021-09-06 11:56:32 -04:00
Ashley Donaldson a65bfc9b00 If we're told on the first request that our creds are wrong, don't try again 2021-09-07 00:10:39 +10:00
Ashley Donaldson 78d6c26ec0 Make winrm_cmd module work with the changes 2021-09-06 23:36:59 +10:00
Ashley Donaldson 00100f426c Handle the server ceasing to respond 2021-09-06 23:24:23 +10:00
Ashley Donaldson 170d911c71 Fixed edge case; scanner automagically changes the SSL value based on the port 2021-09-06 22:49:52 +10:00
kensh1ro 1adde377ec Replace XOR with CHACHA and remove unnecessary code 2021-09-06 12:23:46 +03:00
Ashley Donaldson eeef8a3085 Support domain login in WinRM module 2021-09-06 10:25:36 +10:00
Ashley Donaldson 7a75a91dc6 Request stdout on a separate thread, so we are alerted when the shell dies. 2021-09-06 09:33:44 +10:00
Mike Brown 28e358066b Fixed typo
Extraneous `.`. Thanks, macOS!
2021-09-04 14:34:05 -07:00
Mike Brown 2bfc8d35d0 Defined capability flags in comment
Added descriptive comment for included capability flags.
2021-09-04 14:32:30 -07:00